Category Sponsorship Banner Left

Category Sponsorship Banner Right

Category Sponsorship Banner Middle

Wednesday, 05 August 2020 17:26

How business can lift protection against mobile threats

By Gigamon

VENDOR PROMOTION: The increased use of personal phones for work and the growth of mobile malware create a risk to organisations, says network monitoring provider Gigamon.

The mobile phone has become ubiquitous both personally and professionally. Many organisations have BYOD (bring your Own Device) policies in which employees are allowed or even encouraged to use their own personal mobile phones for and at work.

Many of these devices are able to access corporate networks and sensitive data, but many may not be as protected or secured as company-owned devices, opening up a Pandora's Box of potential security threats.

A recent Gigamon report looks at the use of mobile devices on business networks and the risks posed by mobile malware and inadequate security. The report also offers several pieces of advice on protecting organisations from mobile threats.

Gigamon points to a couple of recent studies, one of which discovered that 80 percent of employees use their personal phones for work-related purposes and the other that found 70 percent of businesses allow employees to bring their own devices to work. Further, 53 percent of all device usage around the world is from mobile devices, compared with 44 percent for PCs.

At the same time, malware has increased. In 2018 alone, 750 million pieces of malware accounted for more than 10 billion attacks. Though mobile malware represents only a tiny percentage of that total, the types of threats found on mobile devices can gain access to sensitive information.

Specifically, credit card data, intellectual property, and PII (personally identifiable information) can be accessed through Software-as-a-Service (SaaS) apps used on mobile devices.

Mobile devices can open the door to different types of threats, as described in the report.

# Number of applications. Many mobile devices store anywhere from 60 to 90 different apps, including email, SaaS-based programs, cloud storage, social networks, games, and news apps. The more apps that require updating, the more protocols accessible, and the more time someone spends on the device, the greater the potential risk.

# Increased attack surface. The growing number of cloud services accessible on a mobile device can trigger more ways to exfiltrate data or access sensitive information. As such, attackers can use information obtainable from users to devise phishing emails to gain entry to the mobile device. Further, hackers can tap into such methods as drive-by downloads, watering hole attacks, and website compromises to use a mobile device as a gateway into the corporate network.

# Form factor. Mobile devices are equipped with certain exploitable features, such as cameras and microphones. A compromised phone taken into a business environment can be used to snap photos of sensitive documents or presentations.

# Blurring the line between work and personal use. Mobile users can easily blend together personal and professional contacts and other information. As a result, they can make such mistakes as emailing sensitive data to the wrong person or posting confidential material to a social network. A device that's been hacked over public Wi-Fi could see its email, social media, and VoIP conversations compromised.

To help organisations to defend themselves against threats from mobile devices, Giagmon offers the following tips:

# Limit use. One of the most effective ways to secure an environment is to limit the use of mobile devices in sensitive business locations.

# Monitor the network. Be sure to employ network detection and response (NDR) solutions to analyse mobile device traffic for inbound, outbound, and interoffice communication activity associated with threats.

# Check BYOD policies. Make sure that BYOD policies are tight enough to deliver peace of mind. They should reflect a clear understanding of what types of apps cannot be used organisationally and what usages are permitted or disallowed (e.g. transferring company files from approved cloud storage to unapproved cloud storage).

# Mobile device management. Solutions that allow policy implementation on mobile devices are always a good idea. Make sure that there are policies in place that lock down devices, whitelist applications and ensure VPN access.

# Multi factor authentication (MFA). This type of authentication has become widespread and should be one of the many implementations to be included.

# User education. Never forget that users are the first line of defence. It's not enough to do compliance training once a year: Threat actors continuously update and enhance their attacks, so continuous education (including phishing simulations) can go a long way toward keeping security top of mind for employees.

###


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments